$3.3M Crypto-Phishing Email Scam Hits Web3 Companies

A screenshot from MailerLite's incident report outlining the cyberattack.

MailerLite’s Admission: Web3 Email Accounts Compromised

Email marketing firm MailerLite has officially acknowledged a major cybersecurity breach that allowed hackers to gain control of select Web3 email accounts. The attack led to a series of crypto-phishing email scams, resulting in an estimated loss of $3.3 million from subscribers.

Targeted Web3 Companies Include Cointelegraph

Prominent Web3 companies, including Cointelegraph, WalletConnect, Token Terminal, and De.Fi, were among the targets of the attack. Official accounts of these companies were used to send phishing emails containing malicious links designed to drain cryptocurrency wallets.

Social Engineering Attack Unveiled

The hackers carried out a social engineering attack targeting a customer support employee. The employee was deceived into clicking an image linked to a fraudulent Google sign-in page. In doing so, the employee unwittingly authenticated the attackers' access, allowing them to compromise MailerLite’s internal admin panel.

Compromised Accounts and Stolen Data

MailerLite revealed that 117 accounts were accessed by the hackers, with a small number exploited to launch phishing campaigns. Clients’ and subscribers’ data, including full names, email addresses, and personal information stored on MailerLite, were compromised.


In-Depth Analysis by Blockchain Analytics

Cointelegraph collaborated with blockchain analytics platform Nansen to estimate the value of funds stolen. The main phishing wallet recorded $3.3 million in total inflows, with the majority tied to Xbanking tokens. However, concerns arise about the liquidity and convertibility of these tokens, reducing the actual stolen amount to approximately $700,000.

Privacy Protocol Railgun Used by Attackers

Both Nansen and an anonymous Reddit post highlighted the use of the privacy protocol Railgun to obscure the transfer of stolen tokens. Railgun, built on Ethereum, BNB Chain, Polygon, and Arbitrum, employs zero-knowledge cryptography to enhance privacy in smart contracts and decentralized finance protocols.

Fallout and Ongoing Concerns

As the aftermath of the cyberattack unfolds, concerns about the security of Web3 companies and the vulnerability of blockchain data continue to rise. MailerLite’s admission sheds light on the critical need for robust cybersecurity measures to protect both platforms and users in the decentralized ecosystem.

Client Inquiries and Ongoing Investigation

The incident raises questions about communication transparency and the level of support provided to affected clients in the aftermath of such security breaches.

Industry Implications and Future Safeguards

The incident serves as a wake-up call for the broader crypto and blockchain industry. Companies operating in the Web3 space must reassess their security protocols, implement additional safeguards, and collaborate to strengthen the overall resilience of the ecosystem against evolving cyber threats.

In conclusion, the MailerLite cyberattack highlights the growing risks in the Web3 space and the pressing need for enhanced cybersecurity measures. The incident prompts a reevaluation of security strategies across the blockchain industry, emphasizing the importance of proactive measures to safeguard against potential breaches.
